From 80856a83fd2b6c5df1a09229f64df93363b5df3a Mon Sep 17 00:00:00 2001
From: Tommy <contact@tommytran.io>
Date: Tue, 20 Dec 2022 03:32:59 -0500
Subject: [PATCH] Remove COEP

It breaks gravatar

Signed-off-by: Tommy <contact@tommytran.io>
---
 Caddyfile | 1 -
 1 file changed, 1 deletion(-)

diff --git a/Caddyfile b/Caddyfile
index 632378b..baebae9 100644
--- a/Caddyfile
+++ b/Caddyfile
@@ -34,7 +34,6 @@
       header_down Content-Security-Policy "default-src 'self'; object-src 'self' blob:; script-src 'self'; style-src 'self' 'unsafe-inline'; child-src 'self' https://*.duosecurity.com https://*.duofederal.com; frame-src 'self' https://*.duosecurity.com https://*.duofederal.com; frame-ancestors 'self' chrome-extension://nngceckbapebfimnlniiiahkandclblb chrome-extension://jbkfoedolllekgbhcbcoahefnbanhhlh moz-extension://*; img-src 'self' data: https://haveibeenpwned.com/ https://www.gravatar.com; connect-src 'self' https://api.pwnedpasswords.com/range/ https://2fa.directory/api/ https://app.simplelogin.io/api/ https://app.anonaddy.com/api/ https://api.fastmail.com/; block-all-mixed-content; base-uri 'none'"
       header_down X-XSS-Protection "0"
       header_down Cross-Origin-Opener-Policy same-origin
-      header_down Cross-Origin-Embedder-Policy require-corp
       header_down Cross-Origin-Resource-Policy : same-origin
       header_down Expect-CT: "enforce, max-age=63072000"
   }